- Joined
- May 21, 2008
- Messages
- 1,225
- Reaction score
- 110
Learn how to leech correct!Create DLL and Hook Client
PUSH Offeset Name DLL
LoadLibrerayA
JMP EntryPoint
004B1FE0 E8 6F500E00 CALL theduel.00597054
004B1FE5 81EC 50040000 SUB ESP,450
0059704B . 53 46 58 2E 64>ASCII "SFX.dll",0
00597053 60 PUSHAD
00597054 68 4B705900 PUSH theduel.0059704B ; ASCII "SFX.dll"
00597059 E8 19AD267C CALL kernel32.LoadLibraryA
0059705E 85C0 TEST EAX,EAX
00597060 75 0B JNZ SHORT theduel.0059706D
00597062 58 POP EAX
00597063 A1 601C6400 MOV EAX,DWORD PTR DS:[641C60]
00597068 C3 RETN
00597069 61 POPAD
0059706A CC INT3
0059706B CC INT3
0059706C 60 PUSHAD
0059706D 6A 00 PUSH 0
0059706F E8 665D287C CALL kernel32.ExitProcess
00597074 58 POP EAX
00597075 61 POPAD
Tutorial said:Full Credit to: Linear88.
1. Start > Run > regedit
2. Right click > New > DWORD key.
3. Select the option decimal.
4. Type the number you want.
5. Press OK.
6. Copy/Remember the hexadecimal number (excluding 0x0000)
7. Delete the key (since its just useless there).
8. Done.
I converted the ClientHook to VC++ 2005, and now it can't compile due to the CDetour missing stuff.
A mini-tut on how to find hexadecimal (I found this myself while thinking of regedit)
<?php
echo dechex("7777") . "<br />";
echo hexdec("1e1e");
?>
The different IP's are used to identify the server to change the port on the client too, if you dont use the DLL in the client it will always try to connect by the 7777 port.
i was wondering if someone can help me i dont get the client hook part
sorry of there is a stupid spammingNice Realse lambda, 10000000000000000/10